Dealiciously LLC

Privacy Policy

Last Modified: September 24, 2025

Dealiciously LLC ("we," "our," or "us") is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services (collectively, the "Service").

Please read this policy carefully. By using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Service.

1. WHO WE ARE

Dealiciously LLC is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or how we handle your personal data, please contact us here.

2. THE PERSONAL DATA WE COLLECT

We collect and process the following categories of personal data:

• For marketing purposes (SMS autoresponder): name and phone number.
• For customer care purposes: name, email address, and phone number. Where we hold your phone number for marketing purposes, we may also use it to provide customer care.
• Technical data: IP address, browser type and version, device identifiers, referring URLs, and cookies or similar tracking technologies used to operate and improve our Service.

We only collect the personal data we need for the specific purposes described in this policy and do not collect more data than is necessary (the principle of data minimisation).

3. HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data in the following ways:

• Directly from you when you register, complete a form, or contact us via our Service;
• When you interact with our SMS messaging service;
• From third-party partners where you have previously opted in to sharing your data with us. In these cases, our partners will have obtained your consent and we will have a data sharing agreement in place. We will only receive and process data from partners where a lawful basis for that transfer exists;
• Automatically through cookies and similar technologies as you navigate our website (see Section 9 on Cookies below).

4. LAWFUL BASIS FOR PROCESSING

Under the UK GDPR, we are required to have a lawful basis for processing your personal data. We rely on the following lawful bases:

• Consent — where you have freely given, specific, informed, and unambiguous consent. In particular, we rely on your explicit consent before sending you marketing SMS messages. You may withdraw your consent at any time (see Section 7 — Your Rights).
• Legitimate interests — where processing is necessary for our legitimate business interests (such as improving our Service and providing customer care), provided those interests are not overridden by your rights and interests.
• Contract — where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
• Legal obligation — where we are required to process your data to comply with a legal obligation.

5. HOW WE USE YOUR PERSONAL DATA

We use your personal data for the following purposes:

• Marketing communications (SMS autoresponder): We use your name and phone number to send you a single introductory SMS message about our products, services, and offers, where you have provided your prior explicit consent to receive such communications. We do not send ongoing or recurring marketing SMS messages. If you would like to query or withdraw your consent, please contact us here.
• Customer care: We use your name, email address, and phone number to respond to your enquiries, provide support, and manage your relationship with us. Where we hold your phone number as a result of your consent to receive a marketing SMS, we may also use it to contact you for customer care purposes.
• Service operation and improvement: We use technical data to ensure our website functions correctly, to diagnose technical issues, and to improve user experience.
• Legal and regulatory compliance: We may process your data where necessary to comply with applicable UK laws and regulations or to establish, exercise, or defend legal claims.

We will not use your personal data for any purpose incompatible with the purposes set out in this policy without first notifying you and, where required, obtaining your consent.

6. SHARING YOUR PERSONAL DATA

We do not sell your personal data. We may share your personal data with the following categories of recipients only where necessary:

• Service providers and processors: Third-party companies that provide technical infrastructure, SMS messaging platforms, customer support tools, or other services on our behalf. These parties are contractually bound to process your data only on our instructions and in accordance with UK GDPR obligations.
• Legal authorities: Where we are required by law, court order, or other legal process to disclose your personal data.
• Business transfers: In the event of a merger, acquisition, restructuring, or sale of all or part of our business, your personal data may be transferred to the relevant third party. We will notify you of any such change as required by law.

All personal data we hold is stored on servers located within the United Kingdom. Where we engage third-party technology providers, those providers are hosted exclusively within the United Kingdom or the European Union. Transfers of personal data between the UK and EU are made in reliance on the UK's adequacy regulations recognising the EU as providing an adequate level of data protection. We do not transfer your personal data to countries outside the UK or EU.

7. YOUR RIGHTS UNDER UK GDPR

As a data subject under the UK GDPR, you have the following rights regarding your personal data:

• Right of access — You have the right to request a copy of the personal data we hold about you (a Subject Access Request).
• Right to rectification — You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• Right to erasure ("right to be forgotten") — You have the right to request that we delete your personal data, subject to certain conditions and legal obligations.
• Right to restrict processing — You have the right to request that we limit the way we use your personal data in certain circumstances.
• Right to data portability — You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format.
• Right to object — You have the right to object to processing based on legitimate interests or for direct marketing purposes. Where you object to direct marketing (including SMS marketing), we will cease processing your data for that purpose immediately.
• Right to withdraw consent — Where we rely on your consent as the legal basis for processing, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Rights related to automated decision-making — You have the right not to be subject to decisions made solely by automated processing where those decisions have a legal or similarly significant effect on you.

To exercise any of these rights, please contact us here. We will respond to your request within one calendar month as required by UK GDPR. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your personal data in accordance with the law. The ICO can be contacted at www.ico.org.uk or by calling their helpline on 0303 123 1113.

8. HOW LONG WE RETAIN YOUR DATA

We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Marketing data (name and phone number): Retained for as long as necessary to fulfil the purposes for which it was collected — namely, sending a single introductory SMS message and, where applicable, providing customer care — and for a reasonable period thereafter to maintain a record of consent and to ensure we do not inadvertently contact you again, or until you withdraw your consent.
• Customer care data (name, email, and phone number): Retained for as long as necessary to resolve your enquiry and for a reasonable period thereafter in accordance with our legal obligations.
• Technical data: Retained for a period consistent with the operation and improvement of our Service, typically no longer than 12 months unless otherwise required by law.

9. COOKIES

Our website uses cookies and similar tracking technologies to distinguish you from other users and to improve your experience. Cookies are small text files placed on your device when you visit our website.

We use the following types of cookies:

• Strictly necessary cookies: Required for the website to function and cannot be switched off.
• Analytical/performance cookies: Allow us to recognise and count visitors and see how visitors move around the site, helping us improve how the website works.
• Functionality cookies: Used to recognise you when you return to our website and personalise content.

You can set your browser to refuse all or some cookies, or to alert you when cookies are being set. Please note that disabling cookies may affect the functionality of certain parts of our website. For more information about cookies, visit www.allaboutcookies.org.

10. DATA SECURITY

We have implemented appropriate technical and organisational security measures designed to protect your personal data against accidental loss, unauthorised access, use, alteration, or disclosure. We limit access to your personal data to those employees, contractors, and third parties who have a legitimate business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach, and will notify affected individuals where required to do so.

11. CHILDREN

Our Service is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us here and we will promptly delete it.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by posting the updated policy on our website with a revised "Last Modified" date. Where required by law, we will seek your consent before making material changes. We encourage you to review this policy periodically.

13. CONTACT US

If you have any questions, concerns, or complaints about this Privacy Policy or how we handle your personal data, please contact us here.